1. What are currently the biggest security threats colleges are seeing today?
Higher education is an inherently complex landscape, striking a balance between an open learning environment and protecting resources that make that learning environment possible. Security needs to be robust without impeding learning. Students are rapidly accelerating the number of devices being introduced to the network, which is greatly increasing the attack surface. The influx of disparate devices combined with a widened attack surface present some of the greatest security challenges in higher education today. Add that to the fact that higher education institutions are rich targets for outside attackers trying to access copious amounts of personal data, and it becomes evident that IT has a monumental task to ensure a secure environment.
2. What are some technologies colleges can use to up security against these threats?
DDoS attacks are growing significantly in education. Motives range from students trying to cripple the network to interrupt testing to outside attacks attempting to infiltrate valuable data and personal information. Needless to say, a solution that will help alleviate DDoS attacks is key for any higher education environment as these attacks will continue to surface. Additionally, robust visibility and protection at the firewall level will help mitigate threats to an institution. Segmenting different parts of the network (from a firewall perspective) will also help ensure that should an attack get through, it will be contained within a limited scope.
3. What trends do you see occurring in cybersecurity in higher education?
Two trends stick out in my mind in higher education: first is the desire to move applications and data into a cloud environment. Most schools I have talked to are looking for a hybrid approach between on prem and cloud-based deployments. What remains consistent is that they want to ensure the same security exists at both levels. A second trend is focusing on how to secure research traffic. The typical challenge here is around scalability as research networks are scaling out into 100GB environments. Nevertheless, there is a great deal of valuable intellectual property that a school must protect.
4. What are some tips you would give to colleges to better equip their campus against threats?
Higher education tends to be a communal experience between institutions. Unlike many other vertical markets, there is a willingness to share information, best practices, buying decisions, etc. I have attended conferences, advisory boards and user groups where helpful information has been shared back and forth on topics such as security best practices, how to run a proof of concept and how to integrate different elements into a security infrastructure. Colleges should capitalize on this environment, as it can provide a wealth of information.
5. Where do you see the future of security heading for in 2016?
Many institutions are seeking the balance between security and scale. Device proliferation and increasing bandwidth are driving the need to plan more creatively for the next three to five years. Security is paramount and must be a top priority for any higher education environment. However, providing scalability and protecting their investment is also key to a successful deployment of any infrastructure.